def test_initialising_session_with_new_provider_name_should_reset_session( self): storage = {} session1 = UserSession(storage, 'provider1') session1.update() assert session1.is_authenticated() is True session2 = UserSession(storage, 'provider2') assert session2.is_authenticated() is False
def test_initialising_session_with_existing_user_session_should_preserve_state( self): storage = {} session1 = UserSession(storage, self.PROVIDER_NAME) session1.update() assert session1.is_authenticated() is True assert session1.current_provider == self.PROVIDER_NAME session2 = UserSession(storage, self.PROVIDER_NAME) assert session2.is_authenticated() is True assert session2.current_provider == self.PROVIDER_NAME session3 = UserSession(storage) assert session3.is_authenticated() is True assert session3.current_provider == self.PROVIDER_NAME
def oidc_auth(auth, provider_name, destination='/'): def authenticate(client, interactive=True): if not client.is_registered(): auth._register_client(client) flask_session['destination'] = destination extra_auth_params = {} if not interactive: extra_auth_params['prompt'] = 'none' auth_req = client.authentication_request( state=rndstr(), nonce=rndstr(), extra_auth_params=extra_auth_params) flask_session['auth_request'] = auth_req.to_json() login_url = client.login_url(auth_req) auth_params = dict(parse_qsl(login_url.split('?')[1])) flask_session[ 'fragment_encoded_response'] = AuthResponseHandler.expect_fragment_encoded_response( auth_params) return redirect(login_url) session = UserSession(flask_session, provider_name) client = auth.clients[session.current_provider] if session.should_refresh(client.session_refresh_interval_seconds): return authenticate(client, interactive=False) elif session.is_authenticated(): return redirect(destination) else: return authenticate(client)
def index(): try: user_session = UserSession(session) is_authorized = user_session.is_authenticated() except UninitialisedSession: is_authorized = False return render_template( 'index.html', title=('Home'), authorized=(is_authorized), )
def profile(): try: user_session = UserSession(session) is_authorized = user_session.is_authenticated() except UninitialisedSession: print("Not authenticated!") redirect(url_for('main.index')) return render_template('profile.html', title=('Profile'), access_token=user_session.access_token, id_token=user_session.id_token, userinfo=user_session.userinfo, authorized=(is_authorized))